🛠 Tech Stack

💼 About This Role

You'll develop countermeasures to detect advanced threats using multi-source telemetry for Sophos X-OPS team. You'll refine detection rules to optimize signal-to-noise ratio and collaborate with CTU Threat Intelligence. This role combines malware analysis with detection engineering at a global cybersecurity leader.

🎯 What You'll Do

• Develop countermeasures for advanced threats from CTU intelligence.
• Analyze endpoint behaviors and logs to design multi-source detections.
• Continuously refine detection rules to optimize signal-to-noise ratio.
• Research and implement alert handling for new device ingestions.
• Collaborate on internal tools, automation, and detection infrastructure.

📋 Requirements

• 10+ years relevant experience in threat research.
• 5+ years in detection writing.
• Hands-on experience in scripting languages (PowerShell, Bash, Python).
• Knowledge of CI/CD pipelines and automation principles.

✨ Nice to Have

• Experience in malware analysis with static/dynamic techniques.
• Forensic analysis of memory and disk images across OS types.
• Experience with event correlation and incident reconstruction using log data.

🎁 Benefits & Perks

• 🏖️ Remote work flexibility.
• 💻 Cutting-edge tools and threat intelligence.
• 📈 Career growth at a global cybersecurity leader.
• 👥 Collaborative team with CTU experts.

📨 Hiring Process

Estimated timeline: 2-4 weeks · AI estimate

1. 1Recruiter Screen· 30 min
2. 2Technical Interview· 60 min
3. 3Hiring Manager Interview· 45 min

🚩 Heads Up

• Role title mentions Senior but requires 10+ years, which may be excessive.
• Combines threat research and detection engineering, potentially broad scope.